Smart Grid
Introduction In the United States and many other countries, modernization of the electric power grid is central to national efforts to increase energy efficiency, transition to renewable energy sources, reduce greenhouse gas emissions, and build a sustainable economy that ensures prosperity for current and future generations. Around the world, billions of dollars and being spent to build a smart electric power grid, referred to as the Smart Grid. While the terminology varies from country to country, all notions of an advanced power grid for the 21st Century hinge on adding and integrating many varieties of digital computing and communications technologies and services with the power-delivery infrastructure. Bi-directional flows of energy and two-way communication and control capabilities will enable an array of new functionalities and applications that go beyond "smart" power meters. Definition The "Smart Grid" is a suite of initiatives to improve energy efficiency. Interactive smart meters can monitor electric power consumption, inform consumers of steps to take to decrease consumption, and provide detailed usage reports to utilities.See Smart Grid. As described in the July 2009 Smart Grid System Report from the U.S. Department of Energy: "Areas of the electric system that cover the scope of a smart grid include the following: * the delivery infrastructure (e.g., transmission and distribution lines, transformers, switches), * the end-use systems and related distributed-energy resources (e.g., building and factory loads, distributed generation, storage, electric vehicles), * management of the generation and delivery infrastructure at the various levels of system coordination (e.g., transmission and distribution control centers, regional reliability coordination centers, national emergency response centers), * the information networks themselves (e.g., remote measurement and control communications networks, inter- and intra-enterprise communications, public Internet), and * the financial and regulatory environment that fuels investment and motivates decision makers to procure, implement, and maintain all aspects of the system (e.g., stock and bond markets, government incentives, regulated or non-regulated rate-of-return on investment)." Characteristics of the Smart Grid Under the Energy Independence and Security Act of 2007 (EISA),Pub. L. No. 110-140, tit. XIII. the creation of a Smart Grid is a national policy.Id. §1301 ("It is the policy of the United States to support the modernization of the U.S.'s electric transmission and distribution system to maintain a reliable and secure electric infrastructure that can meet future demand growth and achieve the goals that together define a Smart Grid.") Distinguishing characteristics of the Smart Grid, as cited in the Act include: * Increased use of digital information and controls technology to improve reliability, security, and efficiency of the electric grid; * Dynamic optimization of grid operations and resources, with full cybersecurity; * Deployment and integration of distributed resources and generation, including renewable resources; * Development and incorporation of demand response, demand-side resources, and energy-efficiency resources; * Deployment of "smart" technologies for metering, communications concerning grid operations and status, and distribution automation; * Integration of "smart" appliances and consumer devices; * Deployment and integration of advanced electricity storage and peak-shaving technologies, including plug-in electric and hybrid electric vehicles, and thermal-storage air conditioning; * Provision to consumers of timely information and control options; and * Development of standards for communication and interoperability of appliances and equipment connected to the electric grid, including the infrastructure serving the grid. The Department of Energy has stated: :The application of advanced digital technologies (i.e., microprocessor-based measurement and control, communications, computing, and information systems) are expected to greatly improve the reliability, security, interoperability, and efficiency of the electric grid, while reducing environmental impacts and promoting economic growth. Achieving enhanced connectivity and interoperability will require innovation, ingenuity, and different applications, systems and devices to operate seamlessly with one another, involving the combined use of open system architecture, as an integration platform, and commonly-shared technical standards and protocols for communications and information systems. To realize smart grid capabilities, deployments must integrate a vast number of smart devices and systems.U.S. Dept. of Energy, Office of Electricity Delivery and Energy Reliability, Recovery Act Financial Assistance Funding Opportunity Announcement, Smart Grid Investment Grant Program (DE-FOA-0000058 June 25, 2009). To monitor and assess progress of deployments in the United States, the Department of Energy is tracking activities grouped under six chief characteristics of the envisioned Smart Grid:U.S. Dept. of Energy, Smart Grid System Report (July 2009). * Enables informed participation by customers; * Accommodates all generation and storage options; * Enables new products, services, and markets; * Provides the power quality for the range of needs; * Optimizes asset utilization and operating efficiently; and * Operates resiliently to disturbances, attacks, and natural disasters. Interoperability and cyber security standards will underpin component, system-level, and network-wide performances in each of these six important areas. The framework described in the EISA reflect several important characteristics. They include:Quotes in the bulleted list are from the EISA §1305. * that it be "flexible, uniform and technology neutral, including but not limited to technologies for managing smart grid information" * that it "accommodate traditional, centralized generation and transmission resources and consumer distributed resources" * that it be "flexible to incorporate regional and organizational differences and technological innovations" * that it "consider the use of voluntary uniform standards" that "incorporate appropriate manufacturer lead time." Spectrum policy An efficient Smart Grid requires spectrum capacity to support the broadband communications infrastructure required to operate the grid. A Smart Grid policy that presumes the availability of suitable spectrum for wireless connections could fall short of its intended goal unless spectrum policy is aligned. The Utilities Telecom Council (UTC) has published a report that argues for shared access to 30 MHz of spectrum at 1800-1830 MHz to meet wireless communication needs.Utilities Telecom Council, The Utility Spectrum Crisis: A Critical Need to Enable Smart Grids (Jan. 2009).http://www.utc.org/utc/utility-spectrum-crisis-critical-need-enable-smart-grids This band is currently allocated to federal users. Canada is in the process of a rule-making procedure that would make the 1800-1830 MHz band available for “electrical infrastructure;”Gazette Notice SMSE-008-08, June 7, 2008.http://www.ic.gc.ca/eic/site/smt-gst.nsf/eng/sf08971.html operating smart grids on compatible frequencies would facilitate cross-border management of power sources. Reportedly, the FCC will include recommendations for Smart Grid development as part of the National Broadband Plan. Recommendations could include ways for utilities to share federal spectrum bands.Paul Barbagallo, “FCC Official Says Broadband Plan To Have Smart Grid Recommendations,” Daily Report for Executives (Jan. 25, 2010). Security concerns With the Smart Grid’s transformation of the electric system to a two-way flow of electricity and information, the information technology (IT) and telecommunications infrastructures have become critical to the energy sector infrastructure. Therefore, the management and protection of systems and components of these infrastructures must also be addressed by an increasingly diverse energy sector. To achieve this requires that security be designed in at the architectural level. Risks to the grid include: * Increasing the complexity of the grid could introduce vulnerabilities and increase exposure to potential attackers and unintentional errors; * Interconnected networks can introduce vulnerabilities; * Increasing vulnerabilities to communication disruptions and introduction of malicious software that could result in denial of service or compromise the integrity of software and systems; * Increased number of entry points and paths for potential adversaries to exploit; and * Potential for compromise of data confidentiality, include the breach of customer privacy. In addition, the Smart Grid has additional vulnerabilities due to its complexity, large number of stakeholders, and highly time-sensitive operational requirements. A traditional IT-focused understanding of cyber security is that it is the protection required to ensure confidentiality, integrity, and availability of the electronic information communication system. For the Smart Grid, this definition of cyber security needs to be more inclusive. Cyber security in the Smart Grid includes both power and cyber system technologies and processes in IT and power system operations and governance. These technologies and processes provide the protection required to ensure confidentiality, integrity, and availability of the Smart Grid cyber infrastructure, including, for example, control systems, sensors, and actuators. Privacy Overview There are many significant privacy concerns and issues relating to the Smart Grid according to a high-level privacy impact assessment (PIA) by the Privacy Sub-Group of the Cyber Security Coordination Task Group responsible for addressing privacy on the Smart Grid, particularly in the area of consumer-to-utility information exchanges. The PIA stated that:U.S. Department of Commerce, "NIST Framework and Roadmap for Smart Grid Interoperability Standards Release 1.0 (Draft)" (Sept. 2009); U.S. Department of Commerce, "Draft NISTIR 7628 Smart Grid Cyber Security Strategy and Requirements" 8-14 (Sept. 2009). See also U.K. Department of Energy and Climate Change, "Impact Assessment of Smart/Advanced Meters Roll Out to Small and Medium Businesses" 23-24 (May 2009). * the privacy implications of the Smart Grid are not fully understood * there is a lack of formal privacy policies, standards or procedures by entities who are involved in the Smart Grid and collect information * comprehensive and consistent definitions of personally identifiable information do not generally exist in the utility industry * distributed energy resources and smart meters will reveal information about residential customers and activities within the house * roaming Smart Grid devices, such as electric vehicles recharging at a friend's house, could create additional personal information * smart meters and the Smart Grid network will be able to use personal information in unlimited numbers of ways * despite the 2000 resolution adopted by the National Association of Regulatory Utility Commissioners urging the adoption of privacy principles, few state level utility commissions have begun to assess privacy and the Smart Grid * future research is necessary and conducting further PIAs is critical. Privacy concerns arise when there is a possibility of discovering personally identifiable information ([PII) such as the personal habits, behaviors and lifestyles of individuals inside dwellings, and to use this information for secondary purposes, other than for the provision of electricity. Electric utilities and other providers may have access to information about what customers are using, when they are using it, and what devices are involved. An electricity usage profile could become a source of behavioral information on a granular level. Notice and purpose for use of PII The new smart meters and accompanying potential and actual uses create the need for utilities to be more transparent and clearly provide notice documenting the types of data collected, and the purposes for collecting the data. Within the Smart Grid implementation a clearly-specified notice must describe the purpose for the collection, use, retention, and sharing of PII. Data subjects should be told this information at or before the time of collection. Choice and consent to use PII New smart meters create the need for utilities to give residents a choice about the types of data collected. Utilities should obtain consent from residents for using the collected data for other purposes, and as a requirement before data can be shared with other entities. Collection of PII In the current operation of the electric grid, data taken from meters consists of basic data usage readings required to create bills. Under a smart grid implementation, meters will collect other types of data. Some of this additional data may be PII. Frequent meter readings may provide not only a detailed time-line of activities occurring inside a metered location, they could also lead to knowledge being gained about specific equipment usage or other internal business processes. The proliferation of smart appliances and utility devices throughout the grid, on both sides of the meter, means an increase in the number of devices that may generate data. The privacy risks presented by these smart appliances and devices on the customer side of the meter are expanded when these appliances and devices transmit data outside of the Home Automation Network (HAN) or building management system and do not have documented security requirements, effectively extending the perimeter of the system beyond the walls of the premises. Data may also be collected from electric vehicles and plug-in hybrid electric vehicles (EVs/PHEVs). Charging data may be used to track the travel times and locations for the EV/PHEV owners. Because of the associated privacy risks, only the minimum amount of data necessary for the utility companies to use for energy management and billing should be collected. However, the amount of information collected may vary, depending on whether or not power generation occurs on the premises. Home generation services will likely increase the amount of information created and shared. Use and retention of PII In the current operation of the electric grid, data taken from meters is used to create residents’ bills, determine energy use trends, and allow customers to control their energy usage both on-site and remotely. The new smart meters, and the Smart Grid network, will have the capability to use the collected data in an unlimited number of ways. Information should only be used or disclosed for the purpose for which it was collected, and should be divulged only to those parties authorized to receive it. PII should be aggregated or anonymized wherever possible to limit the potential for computer matching of records. PII should only be kept as long as is necessary to fulfill the purposes for which it was collected. Individual access In the current operation of the electric grid, data taken from the meters is obtainable by consumers from their own homes. The data collected in a Smart Grid implementation may be stored in multiple locations. Currently, there is no standardized process to allow residents to access to their own corresponding PII that may be stored throughout the Smart Grid. Currently, customers are able to access their account information through their monthly bill, utility websites, and annual terms and conditions statements. The utilities that comprise the Smart Grid should establish and provide to all customers a process to allow them to inspect their corresponding PII, and to request the correction of inaccuracies. Customers should also be informed about parties with whom PII has been shared. Disclosure and limiting use of PII Significant privacy concerns and risks exist when PII is inappropriately shared without the knowledge and consent of the individuals to whom the PII applies. Data collected through smart meters should be used solely for the specific purposes for which it was collected. If utilities wish to use the data for other purposes, or share the data with other entities, they should notify consumers, clearly communicate their plans, and obtain consent to use and share the data as described. Security and safeguards The data collected from smart meters may potentially be transmitted to and stored in multiple locations throughout the Smart Grid. Establishing strong security safeguards will be necessary to protect the PII from loss, theft, unauthorized access, disclosure, copying, use, or modification. Accuracy and quality of PII The data collected from smart meters and related equipment will potentially be stored in multiple locations throughout the Smart Grid. Meter data may be automatically collected in a variety of ways. The ability to inappropriately modify data could be significant in utilities where access controls are not appropriately set. Accordingly, establishing strong security safeguards will be necessary to protect the information. Since meter data may be stored in many locations, and therefore, accessed by many different individuals and entities and used for a very wide variety of purposes, PII data may be inappropriately modified. Automated Smart Grid decisions made for home energy use could be detrimental for residents (e.g., restricted power, thermostats turned to dangerous levels), while decisions about Smart Grid power use and activities could be based upon inaccurate information. Every effort must be made to ensure that PII collected throughout the Smart Grid, and at all locations where it is stored, is accurate, complete and relevant for the purposes identified, and remains accurate throughout the life of the PII. References External link * Smart Grid. Category:Technology Category:Electric